TLS

The Ravelin API only accepts requests over HTTPS using TLS version 1.2 or higher. One of the following cipher suites must be used:

  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

The above requirements are under frequent review and may change as TLS best practices evolve. Clients will be alerted in advance of any changes.

Feedback